gmifs/gemini/gencert.go


package gemini
import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)
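// GenX509KeyPair generates a self-signed RSA-2048 TLS key pair for host with
// one week of validity (presumably for a TOFU-style Gemini server, where the
// certificate itself is the identity — confirm against the caller).
//
// host is placed in the Subject (CommonName and Organization) and, so that
// clients which perform hostname verification can match it, in a Subject
// Alternative Name: an IP SAN when host parses as an IP address, a DNS SAN
// otherwise. An empty host yields a certificate with no SAN.
//
// The serial number is 128 random bits rather than a Unix timestamp, so two
// certificates generated within the same second do not collide and the serial
// is not guessable. The certificate is a plain end-entity (server-auth)
// certificate: it is not marked as a CA and carries no certificate-signing key
// usage, because a server certificate has no need to issue further
// certificates and granting that capability needlessly widens the blast
// radius of a leaked key.
//
// NotBefore is backdated by one minute to tolerate small clock skew between
// server and client; total validity is therefore one week plus one minute.
//
// Errors from serial generation, key generation or certificate encoding are
// returned wrapped with context; the returned tls.Certificate is then zero.
func GenX509KeyPair(host string) (tls.Certificate, error) {
	now := time.Now()

	// RFC 5280 §4.1.2.2: serials must be positive and at most 20 octets.
	// rand.Int yields a value in [0, 2^128), i.e. at most 17 DER bytes.
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	if err != nil {
		return tls.Certificate{}, fmt.Errorf("generating certificate serial: %w", err)
	}

	template := &x509.Certificate{
		SerialNumber: serial,
		Subject: pkix.Name{
			CommonName:   host,
			Organization: []string{host},
		},
		NotBefore:             now.Add(-time.Minute),
		NotAfter:              now.AddDate(0, 0, 7),
		BasicConstraintsValid: true,
		IsCA:                  false,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		// KeyEncipherment covers RSA key transport, DigitalSignature covers
		// (EC)DHE-RSA handshake signatures; CertSign is deliberately omitted.
		KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
	}

	// Modern verifiers (Go's since 1.15 included) ignore CommonName and match
	// host names only against SANs, so a CN-only certificate fails hostname
	// verification in any client that performs it.
	if host != "" {
		if ip := net.ParseIP(host); ip != nil {
			template.IPAddresses = []net.IP{ip}
		} else {
			template.DNSNames = []string{host}
		}
	}

	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return tls.Certificate{}, fmt.Errorf("generating RSA key: %w", err)
	}

	// Self-signed: the template serves as both subject and issuer.
	der, err := x509.CreateCertificate(rand.Reader, template, template, &priv.PublicKey, priv)
	if err != nil {
		return tls.Certificate{}, fmt.Errorf("creating self-signed certificate: %w", err)
	}

	return tls.Certificate{
		Certificate: [][]byte{der},
		PrivateKey:  priv,
	}, nil
}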